ZFS snapshot on live system

How reliable is a ZFS snapshot if I take it during a file operation?
I ask because I would like to upgrade my XEN hypervisor from 13.1 to 13.2 (the hypervisor uses ZFS and provides datasets to guests, which have UFS), but before the upgrade I want to replicate the guest datasets in case something goes wrong.
I successfully upgraded the guests to 13.2 some days ago and a snapshot saved my life, and I did it on the live system (meaning that the guest was running when I issued the snapshot command on its dataset).
But this raised a question for me: how reliable is it to take a snapshot on a live system? What happens if I issue this command during a file write?
For example, the guest OS starts to write a big file (several blocks), and when I issue the snapshot command only block 1 has been written; from this point on any future writes will not be part of the snapshot, will they?
Pragmatic answer:

A) Know your users. Do maintenance in non business hours.
B) Signal maintenance some days/hours in advance and force logout if necessary.


A ZFS snapshot is 100% reliable in the sense that whatever has been written by the time the snapshot is taken will be in the snapshot.
Interaction between applications and snapshots is a different thing.
If an application does not allow a snapshot to be taken at an arbitrary time then you have to arrange some signalling between your snapshot solution and the application.
OK, in my understanding: it is best if I do it on an inactive dataset (nobody uses it, the guest OS is halted...). But if that is not possible (for example if I want to do it on the zfsroot), it is best if I stop all services (for example mysql etc...) before issuing the snapshot command.
Correct me if I'm wrong!


You are not wrong, but the real answer is that it depends (on exact applications that you use, exact needs, etc). Going by some sample snapshot hooks here, it seems that with Postgres you don't need to do anything special while with MySQL you need to lock tables before taking a snapshot.
I take snapshots of most of our VMs (bhyve) automatically every 30 minutes and some 'user-facing' datasets (e.g. fileservers) are snapshotted every 10 minutes. As ZFS only treats fully committed transactions as 'written data', you'll never end up with corrupted data due to snapshots. In other words: yes, ZFS snapshots are perfectly production-safe as they were designed to be safe and correct from the beginning and not an afterthought. They are also cheap and non-disruptive in both creation and deletion, so you can just take snapshots in very short durations and discard them when not needed after a few hours.

*However*, there are various services or guest OSes that might not be able to deal with snapshots in a reliable/consistent way due to the fact that they keep (a lot of) dirty data in RAM - the most noteworthy would be databases. Starting them from a snapshot *might* work, but on very busy databases there's always a chance you might lose some transactions that haven't made it (fully) to disk.
Same goes for Windows, which might crap its pants when restarted from a rolled-back zvol - mostly you only get the "wasn't shut down..." warning on boot, but I've also seen corrupted files/filesystems on some rare occasions over the years.
If you are planning some major upgrades to a VM I'd always take a (manual) 'cold' snapshot of the VM to be 100% sure it is consistent.

As Andriy already mentioned, PostgreSQL seems to be fine being restarted from a snapshot - at least I've never had any problems with that over the last few years. Although on a rarely written-to MySQL database (e.g. a seldom modified WordPress site) I also never had any problems with it being resurrected from a snapshot...
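
The MySQL case raised in the thread (lock tables before taking the snapshot), as an added example that is not part of any post above: a shell hook that takes the read lock, runs `zfs snapshot` from inside the same client session via the mysql client's `\!` shell escape, and only then unlocks. It assumes mysqld runs on the host that owns the dataset and that the client reads its credentials from an option file; the function names, dataset and snapshot names are constructed.

```sh
#!/bin/sh
# Added example, not from the thread. Assumes mysqld runs on the host that owns
# the dataset and that the mysql client reads credentials from its option file.

# Accept only characters ZFS allows in names, so the value is safe to embed in
# the command line that the mysql client hands to the shell.
valid_name() {
    case "$1" in
        ""|-*|*[!A-Za-z0-9_./:-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print the statements for ONE client session. The read lock lasts only as long
# as the session that took it, so the snapshot is run from inside that session
# with the client's shell escape (\!) and the lock is released afterwards.
build_snapshot_sql() {
    dataset=$1
    label=$2
    valid_name "$dataset" || return 1
    valid_name "$label" || return 1
    case "$label" in */*) return 1 ;; esac
    printf 'FLUSH TABLES WITH READ LOCK;\n'
    printf '\\! zfs snapshot %s@%s\n' "$dataset" "$label"
    printf 'UNLOCK TABLES;\n'
}

# Take the snapshot, then confirm it exists. DRY_RUN=1 only prints the session.
snapshot_mysql_dataset() {
    sql=$(build_snapshot_sql "$1" "$2") || {
        echo "invalid dataset or snapshot name" >&2
        return 2
    }
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$sql"
        return 0
    fi
    printf '%s\n' "$sql" | mysql --batch || return 3
    zfs list -t snapshot "$1@$2" >/dev/null 2>&1 || return 4
}

# Constructed names:  snapshot_mysql_dataset tank/guests/db1 pre-13.2-upgrade
```

Running it with `DRY_RUN=1` prints the three-line session without touching MySQL or ZFS, which is a quick way to review what a cron job would execute.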